Cloudflare for Teams Dynamic IP address

Is their a way for my location to use dynamic IP address?
I would like to use Cloudflare for Teams for family content filtering.

regards
Mark

I haven’t found an easy way to do this, so I just set local DNS to use 1.1.1.3 and skip the Teams part. The only special feature Teams I used was the logging…which I only watched for the first week or two.

Thanks for the reply.
Already doing that

Kind regards
Mark

1 Like

This topic was automatically closed after 31 days. New replies are no longer allowed.

@markfl You can use Cloudflare Gateway to enforce content and security policies, regardless of the source IP generating queries, by sending queries through DNS over HTTPS (DoH). Create a location in your account in the Teams dash and a DoH URL is automatically created (no need to even register a source IPv4 address for that location). Assign a policy to that location.

You can send queries upstream to that DoH endpoint through a variety of DoH clients including cloudflared. Not only do you not need to worry about the source IP of your queries, but your queries are encrypted on the wire as well.

3 Likes

Thanks for the reply @pzimmerman, I guess one nice feature to have is have the Source IP on file automatically update when using DoH?

The key thing I’m focusing on however is using plain DNS as that is what most routers support out of the box, and having something similar to NextDNS where users can ping a unique/secret link associated with their account on a scheduled job: https://i.imgur.com/uQIvGk4.png

I checked around the Cloudflare Gateway settings and it appears this is not supported yet; is this in the roadmap?

It’s something the team has discussed but not roadmapped. I hear you that a lot of routers don’t support this capability out of the box–have you thought about deploying a local resolver like a pi-hole for this? I’ve used a Pi Zero in this way for years since my (SoHo) router doesn’t support DoH even with flashed firmware.

1 Like

Thanks, I admit I am a little too lazy to set up PiHole :slight_smile:

Good to know the team is aware of this, hopefully it is considered for the future.

nice, I just noticed my Gateway location showing just that. I remembered I just configured DNS over HTTPS in my Opera browser

hmm guess that didn’t work as well using Gateway DOH server now gives following when accessing https://dash.teams.cloudflare.com/

hmms was a temp issue, refreshing page a few times worked!

1 Like

In the Teams dashboard, where our Source IP Address, can we be able to enter a DDNS address, instead? We use Chromebooks, which do not support IPV6 DNS servers or DoH.

If it’s not an IPv4 address, then, no.

I have an account with a DDNS provider. If I enter my unique DDNS address, my IP address is returned. Is this something that Cloudflare can support in the future? Static IP addresses are expensive. Chromebooks do not support IPV6 DNS server addresses or DoH.

Install the Cloudflare 1.1.1.1 client from https://1.1.1.1, sign into your team and configure your DoH subdomain.

1 Like

Does Google Play install onto Chromebooks?

If I wanted to put this on our router so that everybody on our network gets filtered, how would I do this? Our IP address changes. Unfortunately, a static IP is expensive. A DDNS address is much more affordable.

If our WAN address no longer matches the one in the Cloudflare console, what would happen? Would web pages still resolve but without our policies being applied? Or, would nothing resolve until the correct address is entered into the console?

Any chance of Cloudflare accepting a DDNS address? That would allow us to implement on our network without having to install clients on every device.
There are no clients available for Chromebooks or Amazon Fire tablets. Many schools are handing those devices out to students during this pandemic.

Thanks so much for your help.

Matthew

I can’t seem to find the format of a DDNS address. All I see is plugging in your username and password behind your router because that’s the only way a DDNS service will know your Dynamic IP address. There’s no way Cloudflare can do that from their end.

One popular DDNS provider is www.dyn.org. You set up an account with them and choose an available DDNS address. An example of a DDNS address would be MyName.dyn.org. Most routers have a built-in DDNS client that updates your DDNS provider with your current IP address. So, when someone types MyName.dyn.org, it will resolve to your real, and current IP address. When your IP address changes, the DDNS client in your router updates the DDNS provider with your new IP address. The new IP address propagates to DNA servers all around the world.

If Cloudfare’s console could accept a DDNS address, like MyName.dyn.org, which would resolve to a real IP address, that would enable a lot more people to use the service.

2 Likes

Depends on the year/ model.

1 Like